Learning-204 Flashcards
What is Serverless?
A serverless service could have all or most of the following characteristics:
- Highly elastic and scalable
- Highly available
- Highly durable
- Secure by default
What is Function as a Service (FaaS)?
Allows developers to focus on just writing pieces of code (functions)
Has event-driven integration that triggers functions based on event data, or lets them emit event data
Generally multiple functions are orchestrated together to create a serverless app
Functions generally only run when needed.
Function as a Service (FaaS) is not serverless on its own.
FaaS is only serverless if it’s fully managed and scales to zero (when not in use, the serverless resources cost nothing).
Azure VMs are grouped into:
Types
- General purpose: Balanced CPU-to-Memory ratio. Testing and development, small to medium databases, and low to medium traffic web servers.
- Compute optimized: High CPU-to-memory ratio. Good for medium traffic web servers, network appliances, batch processes, and app servers.
- Memory optimized: High memory-to-CPU ratio. Great for relational database servers, medium to large caches, and in-memory analytics
- Storage optimized: High disk throughput and IO ideal for Big Data, SQL, NoSQL databases, data warehousing and large transactional databases.
- GPU accelerated: Specialized VMs for heavy graphic rendering and video editing, model training and inferencing (ND) with deep learning. Available with single or multiple GPUs.
- FPGA (field-programmable gate array) accelerated: Specialized virtual machines available with single or multiple FPGAs. Machine learning inference, video transcoding, database search and analytics.
- High performance compute: Our fastest and most powerful CPU virtual machines with optional high-throughput network interfaces
Azure Functions uses 4 storage types in the Storage Account
- Blob Storage: Maintain bindings state and function keys
- Azure Files:
=> File share is used to store and run your function app code in a Consumption Plan and Premium Plan.
=> Azure Files is set up by default, but you can create an app without Azure Files under certain conditions.
- Queue Storage: Used by task hubs in Durable Functions and for failure and retry handling by specific Azure Functions triggers.
- Table Storage: Used by task hubs in Durable Functions.
Azure Functions
function.json — configuration of a single function defining the function’s trigger, bindings, and other configuration settings.
Code — The code for your function
.funcignore — files to ignore
host.json — global configuration of all functions at the function app level
Local Project — a place to locally store code
The authorization level can be one of 3 values
anonymous—No API key is required.
function—A function-specific API key is required (default value).
admin—The master key is required.
There are two ways to view a stream of log files being generated by your function executions
- Built-in log streaming
=> The App Service platform lets you view a stream of your application log files.
- Live Metrics Stream
=> When your function app is connected to Application Insights, you can view log data and other metrics in near real-time in the Azure portal using Live Metrics Stream.
Azure provides function templates to get you started with common function scenarios
HTTP — triggered by an HTTP request and returns an HTTP response
Timer — triggered based on a schedule
Blob Storage — triggered when files are uploaded/updated in a Blob storage container
Cosmos DB — triggered when processing new/modified Cosmos DB documents
Queue Storage — triggered by Azure Storage queue messages
Event Grid — triggered by an event from Event Grid
=> Many Azure services can trigger a function through Event Grid
=> Event Grid is a serverless event bus integrated with Azure services
Event Hub — triggered by an Event Hub event (streaming)
Service Bus Queue — triggered by a message in a Bus Queue (messaging)
Service Bus Topics — triggered by an event from a Bus Topic (pub/sub)
SendGrid — triggered by an email event in the third-party service SendGrid
You choose the function template during project creation only in Visual Studio Code
What is a trigger?
A trigger is a specific type of event which causes the function to run.
It defines how a function is invoked and a function must only have one trigger.
Triggers can have associated data which is often provided as the payload of the function.
The direction of triggers is always In
What is a binding?
Bindings define if your function is connected to another service
The data from bindings is provided to the function as parameters.
Bindings are optional, and a function can have multiple input and output bindings
Azure Functions – Unreachable, what reasons?
Storage account was deleted
Storage account application settings were deleted
Storage account credentials are invalid
Storage account is inaccessible
Daily execution quota is full
App is behind a firewall
Durable Functions
Durable Functions is a serverless compute extension of Azure Functions that allows you to write stateful functions.
The extension introduces two types of functions:
Orchestrator function — defines stateful workflows (implicitly representing state via control flow)
Entity function — manage the state of an entity (explicitly representing state)
KEDA
AKS
Kubernetes Event-driven Autoscaling (KEDA) allows you to set up autoscaling based on events from various cloud-native and third-party services.
Azure Kubernetes Service (AKS)
What is Cloud Instance Initialization?
The process of preparing an instance with configuration data for the operating system and runtime environment.
Cloud instances are initialized from a disk image and instance data:
Meta-data
User-data: is a script that you want to run when an instance first boots up
Vendor-data
Azure VMs are grouped into:
Types, e.g. General Purpose, Compute Optimized
Sizes, e.g. B, Dsv3 (also called Series or SKU Family)
General Purpose: Balanced CPU-to-memory ratio. Testing and development, small to medium databases, and low to medium traffic web servers.
SKUs: B, Dsv3, Dv3, Dasv4, Dav4, DSv2, Dv2, Av2, DC, DCv2, Dv4, Dsv4, Ddv4, Ddsv4
Compute Optimized: High CPU-to-memory ratio. Good for medium traffic web servers, network appliances, batch processes, and app servers.
SKUs: F, Fs, Fsv2
Memory Optimized: High memory-to-CPU ratio. Great for relational database servers, medium to large caches, and in-memory analytics.
SKUs: Esv3, Ev3, Easv4, Eav4, Ev4, Esv4, Edv4, Edsv4, Mv2, M, DSv2, Dv2
Storage Optimized: High disk throughput and IO, ideal for Big Data, SQL, NoSQL databases, data warehousing and large transactional databases.
SKUs: Lsv2
GPU: Specialized VMs for heavy graphic rendering and video editing, model training and inferencing (ND) with deep learning. Available with single or multiple GPUs.
SKUs: NC, NCv2, NCv3, NCasT4_v3 (Preview), ND, NDv2 (Preview), NV, NVv3, NVv4
High performance compute: Our fastest and most powerful CPU virtual machines with optional high-throughput network interfaces (RDMA).
SKUs: HB, HBv2, HC, H
Azure Compute Unit (ACU)
a way of comparing compute (CPU) performance across Azure SKUs.
ACU is currently standardized on a Small (Standard_A1) VM with the value of 100
Hyper-V
Microsoft’s hardware virtualization product.
It lets you create and run a software version of a computer, called a virtual machine
Hyper-V is just like VirtualBox
There are two generations of Hyper-V VMs:
Generation 1 - supports most guest operating systems
- BIOS-based architecture
Generation 2 - supports most 64-bit versions of Windows and more current versions of Linux and FreeBSD operating systems
- UEFI-based boot architecture (improved boot and installation times)
- Secure Boot verifies the boot loader is signed by a trusted authority
- Larger boot volume, up to 64 TB
There are 3 ways to connect to your Virtual Machines
Secure Shell (SSH)
Remote Desktop Protocol (RDP)
Bastion
Secure Shell (SSH) is a protocol to establish a secure connection between a client and server.
This is how you can remotely connect to your Azure VM via terminal
SSH happens on Port 22 via TCP
RSA Key Pairs are commonly used to authorize access
An SSH key pair is when you generate two keys:
- A Private Key
- A Public Key
The private key should remain on your local system and not be shared with others.
The public key is stored on the VM.
Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection.
This is how you can remotely connect to Windows Server via Virtual Desktop
RDP happens on Port 3389 via TCP and UDP
Azure Bastion is a service you deploy that lets you connect to a virtual machine using your browser and the Azure portal.
It provides secure and seamless RDP/SSH connectivity to your virtual machines directly from the Azure portal over TLS
A bastion is a hardened instance that is monitored. Users connect to this VM which then establishes a connection to the target instance.
Sometimes known as a jump box, since you have one extra security step.
Update Management
allows you to cache manage and install operating system updates and patches for both Windows and Linux virtual machines that are deployed in Azure, on-premises, or in other cloud providers
When you launch an Azure VM you can go to Operations and turn on Guest + Host Updates.
This will install the Microsoft Monitoring Agent (MMA) that will be used to monitor your instances
Azure Automation is the underlying service that installs the agent.
Update Management will perform a scan for update compliance
By default, a compliance scan is performed every 12 hours on a Windows machine and every 3 hours on a Linux machine.
It can take between 30 minutes and 6 hours for the dashboard to display updated data from managed computers.
In Azure Automation, you can enable the Update Management, Change Tracking and Inventory, and Start/Stop VMs during off-hours features for your servers and virtual machines.
What is Infrastructure As Code? (IaC)
The process of managing and provisioning computer data centers (e.g. Azure) through machine-readable definition files (e.g. JSON files) rather than physical hardware configuration or interactive configuration tools.
IaC can be either:
Declarative — You define exactly what you want, and you get exactly that
Imperative — You define what you generally want, and the service will guess what you want